ghostery / broken-page-reports


cdn.prismic.io should not be blocked #169

Open hlassiege opened 1 year ago

hlassiege commented 1 year ago
Please read the CONTRIBUTING guide before submitting an issue.

Description

Prismic is detected as a tracker in Ghostery. Prismic is a headless CMS (like Strapi or Contentful). It doesn't use any data coming from the user. It is used to build a website, retrieving content through its API.

Expected Behavior

Prismic should not be detected as a tracker and blocked

Actual Behavior

Prismic API calls are blocked

chrmod commented 1 year ago

Hi @hlassiege. Thank you for reporting. Can you please provide a website example?

It does not look like Prismic is covered by Ghostery TrackerDB, so the blocking must come from some of the community lists that we use. We have to investigate.

I will move this issue to another repository.

hlassiege commented 1 year ago

Our website is still under construction and not accessible publicly. I tried to find other examples in their showcase but the vast majority use their API on the server side. The only example I found is this one: https://matchartists.co/ My Ghostery extension blocks some content.

chrmod commented 1 year ago

I was looking into matchartists.co but can only see Google Analytics being blocked. Can you please try to provide URLs of blocked resources? We should be able to check which community filter blocks Prismic, but without examples it is a guessing game.

hlassiege commented 1 year ago

Hi, on my local dev environment, here is what it looks like:

[3 images]

hlassiege commented 1 year ago

Maybe it's only because the subdomain has the name "marketing"?

chrmod commented 1 year ago

I've checked the community lists and no filter did trigger.

In your screenshot we can see that some access_token are replaced with ghostery. This suggests that our Anti-Tracking system decided this is a potential privacy leak and is removing the user identifier. Anti-Tracking learns with time, so if more users would use this endpoint and/or access_token it would start to consider it safe.

The question is why those requests are blocked.

If we could observe this on a public website, I'm sure we can do something about it.